An updated version of the Sophos Web Appliance managed to "drop" thousands of user computers and take the Australian call center of a global company offline for two days. The cause of the disaster was that the security company withdrew support for SSL 3.0, the encryption protocol used by the Citrix Receiver.
With the release of the 4.0.2.3 update last week, the British security company attempted to fix four non-critical SSL 3.0 issues.
But this update caused the disaster that followed, as it was incompatible with recent versions of Citrix Receiver. The new Citrix release had been updated to fend off POODLE attacks.
As mentioned, the Australian company was down for two days, and is still experiencing interruptions, because the update prevents operators from accessing a portal required for submitting mission-critical entries.
The manager of the Australian company said that Sophos did not warn them about the SSL 3.0 withdrawal and took 24 hours to respond to a support e-mail, according to The Reg.
The Sophos update should normally have been designed and coordinated in advance, according to the manager.